By default, a user name of “admin” is created when you install WordPress. It does this for everyone, which means hackers know this too and so they already have half of the information they need to get into your site. Considering some of the simple passwords people use (you know who you are) the hackers have some pretty easy work.
To solve this part of the problem, simply go into your WordPress administration page and in the toolbar on the left click Users and then create a new user with the role of administrator. Make sure you create a more secure password with this account. Now sign out and then log back in under your new account. Then delete the old admin user. When you click delete it will offer you the option to delete the posts attributed to admin or attribute them to another user – select to attribute them to the new user.
Many of us feel that our site will never be hacked, but it happens to so many each day. Taking small steps like this will give you an advantage of staying safe over the majority.